GitLab
Full GitLab API access: repos, MRs, issues, pipelines, and registries.
Quick answer
What it does
Provides access to GitLab projects, merge requests, issues, commits, branches, pipelines, and code search via the GitLab REST API.
Best for
- Merge request review and management
- Issue triage on GitLab projects
- Code search across self-hosted instances
- Pipeline status monitoring
Not for
- GitHub workflows
- Repos that span both GitHub and GitLab without a clear primary
Setup recipe
Pick your client, then follow the three steps.
- 1
Install
claude_desktop_config.jsonjson{ "mcpServers": { "gitlab": { "command": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ], "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } }Paste under mcpServers. Fully quit and reopen Claude after editing.
CLI or .mcp.jsonshell# export GITLAB_PERSONAL_ACCESS_TOKEN=glpat-your_token # export GITLAB_API_URL=https://gitlab.com/api/v4 claude mcp add gitlab -- npx -y @zereight/mcp-gitlabRun from your repo. Commit .mcp.json to share with your team.
.cursor/mcp.jsonjson{ "mcpServers": { "gitlab": { "command": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ], "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } }Global path: ~/.cursor/mcp.json. Reload window after editing.
.vscode/mcp.jsonjsonc{ "servers": { "gitlab": { "command": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ], "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } }VS Code uses the "servers" key (not "mcpServers").
~/.codeium/windsurf/mcp_config.jsonjson{ "mcpServers": { "gitlab": { "command": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ], "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } }Open via Cascade → hammer icon → Configure.
cline_mcp_settings.jsonjson{ "mcpServers": { "gitlab": { "command": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ], "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } }Open via the Cline sidebar → MCP Servers → Edit.
~/.continue/config.jsonjson{ "experimental": { "modelContextProtocolServers": [ { "transport": { "type": "stdio", "command": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ], "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } ] } }Continue uses modelContextProtocolServers with a transport block.
~/.codex/config.tomlshell# ~/.codex/config.toml [mcp_servers.gitlab] command = "npx" args = [ "-y", "@zereight/mcp-gitlab", ] env = { GITLAB_PERSONAL_ACCESS_TOKEN = "${GITLAB_PERSONAL_ACCESS_TOKEN}", GITLAB_API_URL = "${GITLAB_API_URL}" }Codex uses TOML. Each server is a [mcp_servers.<name>] subtable.
~/.config/zed/settings.jsonjsonc{ "context_servers": { "gitlab": { "command": { "path": "npx", "args": [ "-y", "@zereight/mcp-gitlab" ] }, "env": { "GITLAB_PERSONAL_ACCESS_TOKEN": "${GITLAB_PERSONAL_ACCESS_TOKEN}", "GITLAB_API_URL": "${GITLAB_API_URL}" } } } }Zed calls them "context_servers". Settings live-reload on save.
ChatGPT → Apps directorynoneGitLab doesn't ship a hosted HTTPS endpoint today. ChatGPT supports remote MCP servers only — to use this server in ChatGPT you'll need to deploy it to a public HTTPS URL first (e.g. via Cloudflare Workers or Vercel) or wait for an official remote build.
- 2
Set required secrets
Set
GITLAB_PERSONAL_ACCESS_TOKEN,GITLAB_API_URLin your shell environment before launching your MCP client. - 3
Try a minimum working prompt
Open a draft MR that bumps a dependency
On the GitLab project `my-group/my-app`, open a draft merge request from a new branch `bump-axios` that updates axios to the latest patch version in package.json and runs the test pipeline. Do not merge — leave it draft for review.Tested with: Claude Desktop, Claude Code, Cursor.
Tools & permissions
| Tool | Description | Args | Side effects |
|---|---|---|---|
list_projects | List projects the token has access to. | — | Read |
get_file_contents | Read a file from a project at a given path and ref. | project_id: string, file_path: string, ref?: string | Read |
search_code | Search code across projects. | q: string | Read |
create_merge_request | Open a merge request. | project_id: string, source_branch: string, target_branch: string, title: string | Write |
merge_merge_request | Merge an open MR that satisfies the project's merge requirements. | project_id: string, merge_request_iid: number | Write |
create_issue | Open a new issue on a project. | project_id: string, title: string, description?: string | Write |
get_pipeline | Fetch pipeline status and jobs. | project_id: string, pipeline_id: number | Read |
Security & scope
- Access scope
- Read + write
- Sandbox
- Authenticates to the GitLab API using the personal access token in `GITLAB_PERSONAL_ACCESS_TOKEN`. The blast radius equals the token scope — the MCP has whatever project, MR, issue, and admin permissions the token grants.
- Gotchas
- Self-hosted instances often have different scope semantics than gitlab.com — verify in your instance's admin docs before assuming a scope is read-only.
- Branch protection and merge rules apply server-side; unprotected branches let an agent push directly to default branches.
Agent prompt pack
— copy into Claude, Cursor, or ChatGPT.Paste into Claude, Cursor, or ChatGPT. Edit the [brackets] before sending.
Recommend the best MCP servers for [task: e.g. git & repo workflows work] in [client: Claude]. Constraints: - Prefer tools that are [official | open-source | read-only] — pick what matters for my use case. - Exclude MCPs that require [e.g. a paid plan, OAuth-only flows, remote-only transport]. - Return at most 3 picks, ranked. For each pick include: 1. One-sentence rationale. 2. The ready-to-paste install snippet for my client. 3. Any required secrets I need to create before installing. Cross-check the top-mcps.com listing: https://top-mcps.com/top-mcps-for-git-repo-workflows
Compare GitLab against a real alternative. Swap the second MCP in [brackets] if you want a different match.
Compare GitLab MCP vs [GitHub MCP] for the following job: [describe the job, e.g. "let an agent create GitHub issues on bug triage"]. Judge them on: - Setup time and complexity (what a new user hits first). - Auth model (none / API key / OAuth 2.1) and credential risk. - Transport (stdio / Streamable HTTP / SSE) and where the server runs. - Required secrets and the blast radius if they leak. - Operational risk in an unattended agent loop. - Which one is "good enough" for a weekend prototype vs. production. End with one sentence: which should I pick for my scenario, which is: [my scenario]. References: - https://top-mcps.com/mcp/gitlab - top-mcps.com listing for GitHub
Asks the agent to install and verify. Works inside Claude Code, Cursor Agent, Codex CLI.
Install the GitLab MCP server for my [client: Claude] at the default config path for that client. Use the exact install snippet published at https://top-mcps.com/mcp/gitlab (fetch https://top-mcps.com/mcp/gitlab.json for the canonical server.json if you can read URLs). Before finishing: 1. Create the required secrets (GITLAB_PERSONAL_ACCESS_TOKEN, GITLAB_API_URL) and put them in the appropriate env block — do not hard-code them. 2. Restart or reload the client so it picks up the new server. 3. Verify the server is connected (green / running state) and at least one tool is listed. 4. If anything fails, read the client's MCP logs and report the exact error — do not silently retry. Confirm when done and list the tools the server now exposes.
Frequently asked questions
What changed
— 2 updates tracked.Refreshed install snippets and fact sheet; verified for 2026.
Initial directory listing.
More Git & Repo Workflows MCPs
Other tools in the same category worth evaluating.
Compared with GitLab
Side-by-side breakdowns for the choices people most often weigh against this MCP.
Exploring Top MCPs for Git & Repo Workflows? See all Git & Repo Workflows MCPs →